<?php
ob_start(); 
session_start();

function getlang(){
		$lang = $_SESSION['lang'];
		if (empty($lang) || $lang == "KR") {
			$value = "value/value_kr.php";
		} else if($lang == "VN") {
			$value = "value/value_vn.php";
		}
		else if($lang == "EN"){
			$value = "value/value_en.php";
		}
		return $value;
	}
	
	$value = getlang();
	include($value);
//passold=asd&passnew1=sad&passnew2=asd
if(isset($_REQUEST['changePass'])){
	$passold=$_REQUEST['passold'];
	echo $passold;
	$passnew1=$_REQUEST['passnew1'];
	$passnew2=$_REQUEST['passnew2'];
	
	if(!isset($_SESSION['tkemail'])){
		if(!isset($_COOKIE['tkemail'])){
			$_SESSION['action']='login';
			header( 'Location: index.php' );
		}else {
			$_SESSION['tkemail']=$_COOKIE["tkemail"];
		    $_SESSION['tkemailrestore']=$_COOKIE["tkemailrestore"];
		    $_SESSION['role']=$_COOKIE["role"];
			
			$tkemail=$_SESSION['tkemail'];
		}
	}else 
		$tkemail=$_SESSION['tkemail'];
		
	if(empty($passold))
		$_SESSION['error']=$errorProfile1;
	else if(empty($passnew1))
		$_SESSION['error']=$errorProfile2;
	else if(empty($passnew2))
		$_SESSION['error']=$errorProfile3;
	else{
		include 'connection/connection.php';
		
		
		$passold = md5($passold);
			
		$query = mysql_query("select * from user_info where email='$tkemail' and passwd = '$passold'");
		//echo "select * from user_info where email='$tkemail' and passwd = '$passold'";
		$co=0;
		while ($row=mysql_fetch_array($query)){
			$co=1;
		}
		
		
		if($co==1)
		{
			if($passnew1==$passnew2){
				$passnew1 = md5($passnew1);
				$c = mysql_query("UPDATE user_info SET passwd='$passnew1' WHERE (email='$tkemail')");
				if($c==1)
					$_SESSION['success']=$errorProfile4;
			}else{
				$_SESSION['error']=$errorProfile5;
			}
		}
		else
			$_SESSION['error']=$errorProfile6;
		mysql_connect($connection);
	}
	header( 'Location: index.php' );

}
if(isset($_REQUEST['cancel']))
	header( 'Location: index.php' );
	
ob_flush();
?>